I have considered adding some support for scripting using javascript, but haven't seen any good way to do this in a clean way. Basically javascript doesn't have any real support for sandboxing, so user scripts will run in the same global space as the rest of the application. This is not exactly dangerous since the user can only hurt themselves by messing up the browser side application state, but I really prefer a cleaner sandboxed implementation if possible.